"O Canada"

E-mail us at ScottLeibs@cfo.com, or contact a specific author by clicking on his or her byline. You can also post a comment directly on CFO.com by clicking on the appropriate link at the end of any article.

Please include your full name, title, company name, address, and telephone number. Letters are subject to editing for clarity and length.

The American banking system is a mess, as it still requires the Federal Deposit Insurance Corp. to help protect the majority of bank-account holders ("The Big Fail," April). Is there a proper fix? Yes! All we have to do is go north to Canada.

About 80 years ago, the Canadians found the proper liquidity requirements for banks. They do not have bank failures and never will. Over this period of time their banking system has proven to have the right rules. Now, their banks would [like] to be more wide open — like the American, Greek, and Spanish banks (to name a few) — but due to the fact that they have not been allowed to fracture their assets, the Canadian banking system has proven to be the best.

Canada's banks do not have the glamour of American banks, even though they are very large, but they do have rules that protect not only their account holders but Canadian taxpayers as well.

David GageVia E-mail

The Real Solution

While Robert Pozen's statement that "CFOs can play a valuable role in making audit committees more effective by helping them deal with the data deluge…" is quite true, it would not have been a solution to the Lehman Brothers issue that was the lead for the article "A Three-Step Plan for CFOs" (Topline, April).

In that case, either the CFO was an integral part of the cover-up or management blocked the CFO's access to information. In the first case, information about the transactions, as provided to the audit committee, would have either been omitted by the CFO or worded in such a way as to minimize or disguise the effect of the transactions. In the second case, the CFO would not have had the information necessary to properly communicate the effect of the transactions to the audit committee. For Mr. Pozen's recommendation to be useful, the CFO has to have both full knowledge of all relevant activities or transactions and ethics that are strong enough to resist pressure from other members of management to participate in the frauds or questionable activities.

In the case of Repo 105 transactions at Lehman, analyses I've read indicate complicity by the external auditors in covering the transactions to minimize recognition by the audit committee. If the external auditors had properly assessed the transactions and had not caved in to management's position that they were valid accounting transactions with minimal risk, the auditors would have been obligated to raise the issue with the audit committee. Instead, they seem to have swallowed management's position hook, line, and sinker. The end result was that investors were left holding lost value, because the auditors seemed to forget whom their audits were intended to protect and instead became willing shills for management.

Richard ArcherChief Financial OfficerPyr3 Inc.Augusta, Georgia

Be Aware of Cloud Costs

While software as a service (SaaS) appears cheaper than on-premises solutions, it is only when you complete the transformation of all on-premises IT costs on the basis of price per user per month (PUPM) that you can do a true comparison ("Can Cloud Computing Clear the Air?" April). This requires knowledge of the IT infrastructure and a detailed understanding of all staff, utility, depreciation, amortization, data-center, and other costs so that they all can be correctly apportioned to each application. A recent PUPM analysis I did for a major company showed that its cloud solution was the most expensive [based on] total cost per user per month, which was a real surprise, given that "cloud" rests on the promise of "cheap, quick, and easy." The next most expensive when ranked on a PUPM basis was the company's on-premises business-intelligence and reporting system, followed by 30-odd other applications, including ERP, warehousing, finance and leasing apps, e-mail, and so on.

Rob LivingstonePrincipal Rob Livingstone AdvisorySydney, Australia

A Financial Pandemic

As the article " Where There's Smoke, There's Fraud " (March) points out, business fraud certainly qualifies as a financial pandemic. As significant as the estimates in the article are, however, I suspect that these figures are actually understated, for two reasons:

First, privately held entities are not required to publicly report fraud. If they choose not to prosecute or litigate, the losses they've incurred from this criminal activity will not be encompassed within statistical reports. From our experience, this happens more than you would think.

Second, a percentage of companies are simply unaware that they are being victimized. The more subtle methods of fraud, such as overpayments to "legitimate" vendors for inflated goods or services, or carefully orchestrated kickback payments, are not only difficult to detect, but the drain that they create on bottom lines tends to become absorbed and accepted within the context of financial reports over time.

As an organization that has performed hundreds of major fraud investigations, we have found that one of the most effective strategies for preventing fraud is to apprehend the perpetrators and punish them to the fullest extent of the law, thereby setting an indelible example.

"Where There's Smoke…" is an appropriate title. However, the irony is that some senior executives, even after being confronted with textbook red flags of employee impropriety, get into a mind-set of disbelief and denial. Some simply refuse to accept the fact that the person they've known and golfed with for years would betray them, even when there is more than an ample amount of "smoke" in the air.

While accepting this possibility can be difficult, choosing not to investigate can prove to be a fatal financial mistake. In one investigation we handled, this scenario not only led to the removal of a longtime manager who confessed to ongoing fraud, but the board also removed the CEO — not because he was involved, but because of his reluctance to launch a confidential investigation when initially informed about the questionable activities. The board determined that the CEO's indecisiveness not only resulted in significant monetary loss, but damage to the company's reputation as well.

I would like to underscore the importance of the control environment and its principles in preventing and deterring fraud. Further, there is a problem that should be addressed not only in Corporate America, but worldwide: the responsibility of fraud prevention and detection is not clear enough. Those who are accountable are not only those who commit fraud, but also those who indirectly create the environment that makes fraud possible.